SSL Certificate isn't getting recognised Full (Strict)

Hey, Cloudflare community,

I have been trying to change my SSL certificate for my website from Flexible to Full (Strict) for some time now.
But I do not succeed.
I have started many attempts and unfortunately I have always failed.
I got my certificate of origin at Cloudflare and uploaded it to my server.
I connected the Key and PEM file to the default-ssl.conf file and I can’t get any further since then.
You always get the error 521 when you visit my website and I have no idea why.

Can someone please give me an answer to this I need it urgently!

Thanks in advance and best regards. Louis

It’s quite possible your server isn’t listening on Port 443 for SSL. You’d have to ask your host if this is the case.

1 Like

@sdayman thanks for your quick response.

I have now dealt with it and managed to get the server to listen on port 443. But now there is a new error. Instead of error 521 I now get 525. Some handshake did not work. Do I just have to wait or is this a serious error?

Waiting won’t help. It has an invalid certificate. If it’s the Cloudflare Origin certificate for that domain, it should work with Full (Strict). It will probably work with Full (not strict), but you may have to re-try generating an Origin Certificate for that domain reinstalling it. Then re-start the web server to load the new certificate.


thank you first and yes I will try again. I have already regenerated it once but it is possible that something went wrong :slight_smile:

1 Like


I have now regenerated it and installed it on the server but I still have no response from the server. I have also tried it with just Full, but I get no result there either.

Let’s see what the 525 Tip says:

This topic was automatically closed after 30 days. New replies are no longer allowed.